ICT assurance for agencies
Through the investor assurance process, ICT/Digital Investment and Assurance (ICTA) provides independent advice to delivery agencies and direct reporting to the NSW Cabinet and the Delivery and Performance Committee (DaPCo). This independent advice and reporting contributes to the delivery of the NSW Government's ICT projects to time, budget and in accordance with government objectives through:
- Gateway Reviews, Health Checks and Deep Dive Reviews
- Regular project reporting based on inputs provided by delivery agencies
Gateway Reviews and Health Checks
The ICT Digital Assurance Framework (PDF, 5.13 MB) is a Gateway Coordination Agency (GCA) framework that incorporates a risk-based approach to ICT investment assurance consistent with NSW Gateway Policy and the NSW ICT Governance Model.
The IAF Gateway Review process provides for a series of short, focused, independent expert reviews, held at key decision points in a project's lifecycle. The Gateway Reviews are appraisals of ICT projects, that highlight risks and issues, which if not addressed may threaten successful delivery.
Gateway Reviews are supported by periodic Health Checks which assist in identifying issues which may emerge between decision points. Health Checks will be carried out, when required, by an independent team of experienced practitioners (industry experts including from the private sector), appointed by ICT/Digital Investment and Assurance.
Deep Dive Reviews are like Health Checks but focus on a specific issue or limited terms of reference rather than the full range of issues normally considered at a Health Check.
Gateway Reviews are conducted by independent experienced practitioners, appointed by ICT/Digital Investment and Assurance to form a Review Team. Practitioners appointed to a Review Team are selected according to each project / program's needs, and to provide a mix of skills, knowledge and experience. The independence of the Review Team from the project together with the independence of ICT/Digital Investment and Assurance is the key to delivering objective, high quality reviews and review Reports.
During a Gateway Review, the Review Team interview key stakeholders and review relevant documents. This enables the independent review team to identify project risks and provide recommendations on how these should be addressed, as well as identify opportunities to complement delivery of a project or program.
Gateway Review requirements for projects under the IAF are proportionate to their Tier level:
- Tier 1 – High Profile / High Risk projects must pass through all Gates
- Tier 2 – projects must pass Gate 1 (Strategic Alignment), Gate 2 (Business Case), Gate 3 (Pre-execution) and Gate 6 (Post-implementation)
- Tier 3 – projects must pass Gate 1 (Strategic Alignment) and Project Sponsor Commissioned reviews at Gate 2 (Business Case), Gate 3 (Pre-execution) and Gate 6 (Post-implementation)
- Tier 4 – projects must pass Project Sponsor Commissioned reviews at Gate 1 (strategic Alignment) and Gate 2 (Business Case)
- Tier 5 – projects (lowest risk) arranges for its own internal Project Sponsor Commissioned Gateway reviews.
Health Checks are independent reviews conducted as required to identify/resolve issues which arise at a point in time between Gateway Reviews, and are also compulsory for Tier 1 – High Profile / High Risk projects every six months during the delivery stage.
Regular Project Reporting
ICT/Digital Investment and Assurance prepares regular project reports which provide an assessment of project development and delivery against:
- Risks and Issues
To support regular project reporting, delivery agencies provide timely and comprehensive project information. Reports are lodged by the relevant delivery agency after delegated executive approval is given.
Regular project reporting is required monthly for all projects registered with ICT/Digital Investment and Assurance.
Data reported in the ICT Assurance portal will also be made available to the Minister for Customer Service and DaPCo. Delivery and Performance Committee (DaPCo) is a new subcommittee of the NSW Cabinet responsible for monitoring and reviewing the delivery of NSW Government priorities, election commitments, projects, programs and services, ensuring they are delivered in a timely manner, achieve value for money and optimise customer service.
ICT Project Management Community of Practice (ICT PM CoP)
The NSW Government ICT PM Community of Practice (CoP) is a group of NSW Government practitioners with Project management and Project Management Office expertise, with a common sense of purpose who agree to work together to solve problems, share knowledge, cultivate best practice and foster innovation.
The CoP is held quarterly and has been established as a strategy for promoting best practice in Project Management and management of the Project Management Office across NSW Government agencies.
For more information on assurance for agencies email firstname.lastname@example.org.